I'm working on something to secure my circle. More coming soon.

When I was talking to a developer, for IBM, at by brothers' wedding I realized how much I REALLY knew about information security. He would talk about problems with his information security posture and I would counter with solutions. "Dude you are in the wrong field. You are smarter than you understand!". That is what he said at the reception. That was two people telling me the same thing. He was the second. The first was the voice in my head. I decided that having cybersecurity on the backburner, as a hobby, was not cutting it. I started making moves at that point, academically, to align myself processsional with security testing and research. That was only 5(ish) years ago!

Every time you think you cannot do it.... just remember.... somebody did!

Also, i'm not sure if I feel like dedicating work solely on the isc2 Cybersecurity cert while already having my Sec+ while eyeing the CySA+.

As many of you have noticed the pictures in the picture galleries are now NOT automatically displayed upright. I'm sorry. Sort of. I updated my rsync script for website updating...

exiftool -r -all= -ext jpg -ext gif -ext png [a-folder-on-my-server]/images/

find [a-folder-on-my-server]/images/ -type f -name '*_original' -delete

As you can see it simply strips EXIF data from images, in images galleries, prior to update and deletes the originals. This caused the issues displayed. I may or may not work on a fix and research the gallery functionality more closely.

You keep the ads at bay and phoning home to a minimum. Pi-Hole is one of the most beneficial, and most utilized, piece of software on my SOHO LAN.

I decided to limit the lighting automation, on front doorway, to after sunset because it only makes more sense. I need to save electricity!

alias: Frigate (Front doorway light on person dectect)
description: ""
trigger:
  - platform: mqtt
    topic: frigate/events
    payload: "on"
    value_template: >-
      {{ "on" if value_json["type"] == "new" and value_json["before"]["camera"]
      == "front_door_cam_fri" and value_json["before"]["label"] == "person" else
      "off"}}
condition:
  - condition: sun
    after: sunset
action:
  - type: turn_on
    device_id: 1ac8dbe1de45515de0cb274ec116b916
    entity_id: light.front_doorway_light
    domain: light
mode: single

Lights shouldn't be needed until after sunset. Right?

I took some time over the weekend to once again use Nessus and see what the offerings were. Similar to my inital learning with Burp-Suite I'm currently limited to a learners/student edition of the scanner. This isn't my first Nessus Rodeo. I setup an Ubuntu Server virtual machine using qemu/kvm. Next I installed Nessus with an education license and proceeded to port 8834, at the VM IP adress, to access the Nessus web UI and configuration wizard.

Installation is as easy as downling the most recent .deb package then; sudo dpkg -i Nessus-10.3.0-ubuntu1404_amd64.deb && sudo /bin/systemctl start nessusd.service

The advanced scan will satisfy most individuals looking to get familar with Nessus from my experience. It is a great way to categorize and prioritize potential risks. Verify a finding as intended functionality and/or false-positive.

May I scan you free of charge? Small businesses, I'm serious.

Passwordless authentication for-the-win. While we sleep, eat, work, and do everything else there may be a system knocking at your front door a hundred times a second. SSH and password authentication can easily turn into an attackers foothole with a little dedication and large enough wordlist..

That is all. For now.

Previous page is now indexed at #8 now.

I have to take a break on starting with the CySA+ studying. I need to focus a little more on some Salesforce platform items for the next few weeks. I may or may not be able to post between now and then. 😔

Also! Don't forget. New page banner added.

The old banners can be viewed with a little URL tampering. Try it out! Be brave! Warning: Rate-limits do exist.